Multiple Stack-Based Buffer Overflows in GNU C Library
CVE-2014-9761

9.8CRITICAL

Summary

The GNU C Library, also known as glibc or libc6, has a vulnerability that allows context-dependent attackers to induce a denial of service or potentially execute arbitrary code. This flaw stems from multiple stack-based buffer overflows triggered by improperly handled long arguments passed to specific functions, including nan, nanf, and nanl. When exploited, these vulnerabilities can lead to application crashes, affecting system reliability and security.

References

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.